The instructions on how to do this are hinted in the BearerTokenResponse
class (part of the league/oauth2-server package).
Tested on Laravel 5.7.
1. Extend the BearerTokenResponse
class, add the extra params you need in the response.
namespace AppAuth;
use LeagueOAuth2ServerEntitiesAccessTokenEntityInterface;
class BearerTokenResponse extends LeagueOAuth2ServerResponseTypesBearerTokenResponse
{
/**
* Add custom fields to your Bearer Token response here, then override
* AuthorizationServer::getResponseType() to pull in your version of
* this class rather than the default.
*
* @param AccessTokenEntityInterface $accessToken
*
* @return array
*/
protected function getExtraParams(AccessTokenEntityInterface $accessToken): array
{
return [
'user_id' => $this->accessToken->getUserIdentifier(),
];
}
}
2. Create your own PassportServiceProvider
class and override the makeAuthorizationServer()
method in order to pass in your own BearerTokenResponse
class.
namespace AppProviders;
use AppAuthBearerTokenResponse;
use LaravelPassportBridge;
use LeagueOAuth2ServerAuthorizationServer;
class PassportServiceProvider extends LaravelPassportPassportServiceProvider
{
/**
* Make the authorization service instance.
*
* @return LeagueOAuth2ServerAuthorizationServer
*/
public function makeAuthorizationServer()
{
return new AuthorizationServer(
$this->app->make(BridgeClientRepository::class),
$this->app->make(BridgeAccessTokenRepository::class),
$this->app->make(BridgeScopeRepository::class),
$this->makeCryptKey('private'),
app('encrypter')->getKey(),
new BearerTokenResponse() // <-- The class you created above
);
}
}
3. Add your provider to the providers array in config/app.php
/*
* Application Service Providers...
*/
AppProvidersPassportServiceProvider::class,
4. Exclude the passport package from laravel auto-discovery in composer.json
This stops the default PassportServiceProvider
class from being loaded.
"extra": {
"laravel": {
"dont-discover": [
"laravel/passport"
]
}
},
Then run composer install
.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…